googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Tuesday, September 17, 2024
    9:00 am
    [PLUS Course] Implementing the NIST Cybersecurity Framework, Including 2.0
    • session level icon
    speaker photo
    vCISO & Managing Director, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

     

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) Version 2.0 to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

    9:00 am
    [PLUS Course] Implementing a World-Class Vulnerability Management Program with CVSS v4
    • session level icon
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

    On November 1, 2023, the Common Vulnerability Scoring System (CVSS) version 4 standard was released. Version 4 is a significant departure from previous versions, causing most CVSS scores to increase by 5 percent. Are you already struggling to keep up with current vulnerabilities? How will a 5 percent increase in critical and high vulnerabilities impact your vulnerability management program?

    In this course, CVSS SIG member Steven Aiello covers the updates in the CVSS v4 standard that will impact your vulnerability management program. You’ll learn how to leverage the environmental metrics of the CVSS v4 standard to reduce the severity of vulnerabilities. You’ll learn critical reporting features of the CVSS v4 standard and important CVSS vector attributes to look for to identify vulnerabilities that present the most risk to your organization. We’ll examine the increased emphasis in the CVSS v4 standard and how threat intelligence will help you prioritize the most severe vulnerabilities. Finally, we’ll cover how you can put these principles into practice at your organization to enhance the efficiency of your vulnerability management program.

    This course is designed for individuals responsible for managing and running vulnerability programs, as well as IT operations teams looking for a way to prioritize vulnerability reports. These methodologies were used at the world’s leading healthcare organization (according to Newsweek.com) and reduced critical and high vulnerabilities by 72 percent when compared to CVSS base scores.

  • Wednesday, September 18, 2024
    7:30 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 4:15 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    speaker photo
    AVP, Information Security Services, Amerisure Insurance
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    This roundtable discussion is for our Advisory Council members only.

    8:00 am
    Association Chapter Meetings
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Participating professional associations and details to be announced.

    8:00 am
    Are You in a Dysfunctional Relationship with the HR Department?
    • session level icon
    speaker photo
    Executive Director, National Cybersecurity Alliance
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    When HR and security teams understand their respective roles, value each other, and have an open, productive partnership, life is good. They can help each other be more effective and complement each other’s functions. Unfortunately, that symbiotic state can be hard to achieve. For security teams, HR folks can be hard to understand. Sometimes they seem like a great advocate for security, and at other times they can seem more like a blocker of our efforts to better secure the organization.

    For HR professionals, dealing with the security team can be a challenge. For example, the security team might send out an emotionally-triggering simulated phish to everyone in the organization, causing numerous employee complaints that HR has to manage. So what can you do if you don’t have the best relationship with the HR team?

    This talk, based on years of experience navigating the relationship between HR and security teams, will cover the issues that cause the biggest disconnects between HR and security. We’ll look at the issues from both sides and cover proposed solutions for each. Improving the relationships for both departments can lead to happier HR and security professionals who are more effective in their roles, and a company that’s better protected and prepared against cyber threats.

    8:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:45 am - 9:00 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    9:00 am
    [Opening Keynote] A CISO Panel
    • session level icon
    speaker photo
    Cyber & Information Security Director, Inteva Products
    speaker photo
    Vice President of Information Technology, Detroit Pistons
    speaker photo
    VP, Information Security & PMO, Penske Automotive Group
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater

    Session description to come.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    How to Build an Insider Threat Program
    • session level icon
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.

    Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything  changes so quickly. Insider threat initiatives require a new, more focused approach.

    This presentation will explore:

    • The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
    • Four attributes of a successful insider threat program
    • How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster
    • An automated investigation experience that replaces manual routines and effectively guides new insider threat teams
    10:15 am
    Securing the Supply Chain
    • session level icon
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    A discussion of managing third-party risk and how to manage expectations and contracts with vendors.

    10:15 am
    Efficient Security for Sm(all) Teams
    • session level icon
    speaker photo
    CTO & Co-Founder, Blumira
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Session description to come.

    11:00 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:10 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    11:10 am
    Social Engineering: Training the Human Firewall
    • session level icon
    speaker photo
    Team Leader of Information Security, Garmin
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    Phishing is one of the leading cyberattacks worldwide, resulting in numerous social engineering training exercises to train average users to defend against these attacks. This discussion focuses on research that took a pool of users with three different phishing campaigns. Each campaign progressively has a phish that should be more advanced to spot than the previous phish presented. The research shows the psychological reasoning behind why a user will interact with a phish, regardless of educational awareness. Results include why a 0% or 100% report rate is unrealistic and how to use phishing metrics to quantify risk in a business.

    11:10 am
    Enterprise-Wide Protection Using AI
    • session level icon
    speaker photo
    Principal Solution Engineer, SentinelOne
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Session description to come.

    11:10 am
    [Panel] Unveiling the Threat Landscape and Unmasking Digital Villains
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    In the shadows of our digital world, a clandestine battle is waged against our data, systems, and infrastructure. These hidden threats, much like the villains of comic books, lurk in the shadows, seeking to exploit vulnerabilities and disrupt our digital lives. Join us as we delve into the ever-evolving threat landscape, unmasking the villains of the digital realm and exploring their nefarious tactics.

    Our panel of cybersecurity experts unravel the intricate world of cyber threats, shedding light on the latest trends, emerging attack vectors, and the expanding arsenal of malicious tools employed by cyber adversaries. Learn the motivations behind these threats, from profit-driven cybercriminals to state-sponsored actors wielding cyberweapons.

    Our panel provides a comprehensive overview of the current threat landscape.

    12:00 pm
    [Lunch Keynote] The State of Cybersecurity in the State of Michigan
    • session level icon
    speaker photo
    CIO, State of Michigan
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater

    Session description to come.

    12:00 pm
    Advisory Council Roundtable Lunch (VIP / Invite only)
    • session level icon
    The Surprising List of CISO Top Concerns
    speaker photo
    Sr. Manager, IT Security, BorgWarner
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    Taking a cross-section of recent surveys (ISC2 , Dark Reading, PwC), arguably the top CISO concerns—not “priorities” but “concerns”—are third-party security risks, data manipulation, and burnout. Together, these represent the true CISO-level risks, compared to what’s in the news on a daily basis: AI, ransomware, supply chain and insider risks, cyber warfare, nation-state actors, etc. In this private, closed-door discussion, we challenge whether these three concerns are a correct and complete list, and discuss how/why they differ from those other top CISO priorities. The goal is to walk away with a new-look “to-do list” for your job versus the one with which you walked in.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    Securing Autonomous Vehicles: Unveiling Emerging Threats from Technological Advances and Effective Mitigation Strategies
    • session level icon
    speaker photo
    Cybersecurity and Compliance Engineer, May Mobility
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm
    Amidst the dynamic cybersecurity landscape, technological advancements intersect with increasingly sophisticated threat actors, from individual hackers to coordinated cybercriminal groups, including Advanced Persistent Threat (APT) actors. With expanding vehicle autonomy, connectivity, and AI, vulnerabilities intensify, demanding a nuanced understanding of emerging threats posed by adept adversaries, particularly APT groups, from a technical viewpoint.
     
    This presentation delves deeply into analyzing advanced threat actors’ methodologies, intricate tools, and multifaceted attack vectors, emphasizing APT groups’ strategies. Highlighting the significance of robust governance, risk management, and compliance (GRC) strategies, it underscores their role in fortifying defenses against evolving threats, including APT-driven attacks. Join us for comprehensive insights into APT threat actors and effective GRC strategies, bolstering your cybersecurity posture against sophisticated challenges – whether you’re securing autonomous vehicles or other critical systems within your organization.
    1:15 pm
    Benchmarking Your Cybersecurity Framework
    • session level icon
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Measuring one’s cybersecurity framework against others in the same industry, or even outside of their vertical, can provide valuable insights into areas to improve or adjust.

    1:15 pm
    [Panel] Elevating Security Through Threat Intelligence, Cloud Resilience, and AI Innovations
    • session level icon
    speaker photo
    Sr. Manager, Third-Party Risk, Raytheon Technologies
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    In the dynamic realm of cybersecurity, the battle between defenders and digital villains is an ongoing saga. This forward-looking session will explore the evolution of cyber threats, forecasting the next wave of challenges that organizations and individuals may face. We aim to unmask the upcoming generation of digital villains, examining their sophisticated tactics and exploiting vulnerabilities that may become prevalent in the future.

    Our distinguished panel of cybersecurity experts will dissect the motivations driving these threats, from the ever-adapting strategies of profit-driven cybercriminals to the evolving techniques employed by state-sponsored actors wielding cyberweapons. As we peer into the future, we will also address the role of emerging technologies in reshaping the threat landscape, providing insights that empower organizations to proactively defend against tomorrow’s cyber challenges.

    Join us in this exploration of the unseen, as we strive to anticipate and understand the threats that lie beyond the shadows of the current cybersecurity landscape.

    1:15 pm
    Skybox Security Session
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    Session description to come.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:10 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:10 pm
    Running Cybersecurity as a Business
    • session level icon
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    The old way of running security no longer works. Providing insights from a CISO’s perspective—and perhaps with some controversial takes—this keynote delves into the strategic shift from traditional IT security to “trust product development” measured in value outcomes. The session underlines how such a strategic pivot can meet rigorous cybersecurity standards while promoting growth and retention by aligning trust mechanisms to various customer stakeholders.

    2:10 pm
    Cybersecurity in the Age of Machine Learning and Artificial Intelligence
    • session level icon
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    Artificial Intelligence (AI) coupled with Machine Learning (ML) has tremendous potential to strengthen defenses, but the benefits of ML/AI in cust be contextualized against the risks it poses. The usage of ML/AI has increased exponentially, but security and privacy governance and policies have not expanded at the same rate. Moreover, the pace of instituting AI and privacy regulations varies across the globe, creating a rather complex governance structure for cybersecurity personnel to operate under. This presentation delves into the security and privacy implications of using ML/AI in the organization, whether it is using ML/AI-based security tools or ensuring security of ML/AI-based products developed by the organization.

    2:10 pm
    ISSA Motor City Chapter Meeting with Guest Speaker
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    Session description to come.

    2:10 pm
    Canary Trap Session
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    Session description to come.

    3:00 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:30 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:00 pm
    Happy Hour
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Join your peers for conversation and complimentary hors d’oeuvres and beverages. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.

    3:30 pm
    [Closing Keynote] Drag Racing & Cybersecurity: The Crossover
    • session level icon
    speaker photo
    Associate CISO, St. Luke's University Health Network
    Registration Level:
    • session level iconOpen Sessions
    3:30 pm - 4:15 pm
    Location / Room: Keynote Theater

    You’d be amazed what you can learn from everyday hobbies or obstacles to help you become a better practitioner. Krista Arndt shares a very personal story of survival after a bad drag racing accident in 2015. It was a life-altering experience and provided perspective on her personal and professional life that drives her every day as a loving mom and wife, volunteer, and successful CISO.

Exhibitors
  • Arista Networks
    Booth: TBD

    Arista Networks was founded to pioneer and deliver software-driven cloud networking solutions for large data center storage and computing environments. Arista’s award-winning platforms, ranging in Ethernet speeds from 10 to 100 gigabits per second, redefine scalability, agility and resilience. Arista has shipped more than 15 million cloud networking ports worldwide with CloudVision and EOS, an advanced network operating system. Committed to open standards, Arista is a founding member of the 25/50GbE consortium. Arista Networks products are available worldwide directly and through partners.

  • Blumira
    Booth: TBD

    Blumira’s cloud SIEM platform offers both automated threat detection and response, enabling organizations of any size to more efficiently defend against cybersecurity threats in near real-time. It eases the burden of alert fatigue, complexity of log management and lack of IT visibility.

    Blumira’s cloud SIEM can be deployed in hours with broad integration coverage across cloud, endpoint protection, firewall and identity providers including Azure, Office 365, G Suite, Crowdstrike, Okta, Palo Alto, Cisco FTD and many others.

  • Canary Trap
    Booth: TBD

    Canary Trap is a recognized industry leader in offensive security, security advisory and assessment services. Founded by ethical hackers and certified security experts who share in the common goal of protecting organizations from becoming a victim of the next cyber-attack.

    Canary Trap combines human expertise with sophisticated tools and, where appropriate, threat intelligence to ensure a thorough, in-depth approach to all security testing and assessments.

  • Cato Networks
    Booth: TBD

    Cato Networks pioneered the convergence of networking and security into the cloud. Aligned with Gartner’s Secure Access Service Edge (SASE) and Security Service Edge (SSE) frameworks, Cato’s vision is to deliver a next generation secure network architecture that eliminates the complexity, costs, and risks associated with legacy IT approaches based on disjointed point solutions. With Cato, organizations securely and optimally connect any user to any application anywhere on the globe. Our cloud-native architecture enables Cato to rapidly deploy new capabilities and maintain optimum security posture, without any effort from the IT teams. With Cato, your IT organization and your business are ready for whatever comes next. For more information, visit https://www.catonetworks.com.

  • Cloud Security Alliance Detroit
    Booth: TBD
  • Critical Start
    Booth: TBD

    Critical Start Managed Cyber Risk Reduction solutions deliver continuous security cyber risk monitoring and mitigation enabling strong protection against threats. Combined with a team of expert risk mitigators, our platform provides maturity assessments, posture and event analytics, response capabilities, comprehensive threat intelligence, and security workload management capabilities. We help you achieve the highest level of cyber risk reduction for every dollar invested, leading to increased confidence in reaching your desired level of security posture.

  • InfraGard Michigan
    Booth: TBD

    InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical Infrastructure. With thousands of vetted members nationally, InfraGard’s membership includes business executives, entrepreneurs, military and government officials, computer professionals, academia and state and local law enforcement; each dedicated to contributing industry specific insight and advancing national security.

  • ISACA Detroit
    Booth: TBD

    Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the metro Detroit area.

  • ISC2 Greater Detroit
    Booth: TBD

    ISC2 is consists of over 80,000 members worldwide. Our chapter program provides members a forum to facilitate the exchange of knowledge and ideas, development of leadership and professional skills, and advancement of information systems security. We also provide our members with access to a variety of industry resource and educational programs to keep our members informed of the latest advances in technology and techniques. The Greater Detroit chapter was been established in 2012 to help bring together local professionals. Our members consist of ISC2 credentialed professionals who hold either a SSCP, CAP, CSSLP, and/or a CISSP or advanced concentration certification.

  • ISSA Motor City
    Booth: TBD

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals. The Motor City chapter is located in the automotive capital of the United States, Detroit, MI. Our chapter is committed to educating, consulting, advising, and overall improving information security for our technology infrastructures.

  • Mimecast
    Booth: TBD

    Mimecast empowers our customers to help mitigate risk and manage complexities across a threat landscape driven by cyberattacks, human error, and technology fallibility. Our advanced solutions provide the proactive threat detection, brand protection, awareness training, and data retention capabilities that evolving workplaces need today.

  • Nexum
    Booth: TBD

    Nexum, Inc. is a cybersecurity and networking company that builds and secures global networks for organizations across multiple verticals around the world. In addition to its Chicago headquarters, Nexum has sales, training and support presence in Kentucky, Michigan, New Hampshire, Ohio, and Wisconsin, as well as the Security and Network Operations Command Centers (SNOCC) in New Mexico and Illinois.

  • Proofpoint
    Booth: TBD

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • SentinelOne
    Booth: TBD

    SentinelOne delivers real-time cloud workload protection, to stop runtime threats targeting VMs, containers and Kubernetes clusters. From endpoints to workloads, to data center and public cloud, innovate quickly knowing SentinelOne has you protected. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, or on LinkedIn and Facebook.

  • Skybox Security
    Booth: TBD

    Skybox arms security teams with a powerful set of security management solutions that extract insight from security data silos to give unprecedented visibility of the attack surface, including all Indicators of Exposure (IOEs). With Skybox, security leaders can quickly and accurately prioritize and address vulnerabilities and threat exposures.

  • Varonis Systems, Inc.
    Booth: TBD

    Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification and analytics. Varonis detects insider threats and cyberattacks by analyzing file activity and user behavior; prevents disaster by locking down sensitive data; and efficiently sustains a secure state with automation.

  • Waterfall Security
    Booth: TBD

    Waterfall Security’s technology represents an evolutionary alternative to firewalls. Our innovative, patented Unidirectional Security Gateway solutions enable safe and reliable IT/OT integration, data sharing, cloud services, and all required connectivity for industrial control systems and critical infrastructures. Waterfall Security’s products dramatically reduce the cost and complexity of regulatory compliance with NERC CIP, NRC, NIST, CFATS, ANSSI and others.

    Waterfall products enable external parties, HQ, engineering, contractors and vendors, cloud services, and others to have access to operational information, while keeping the industrial control systems safe and secure. Our purpose-built hardware based security is enhanced by off-the-shelf software with a multitude of interfaces to widest range of industrial systems, protocols, databases and IT solutions in the market.

    Waterfall has a growing list of customers worldwide, including national infrastructures throughout North America, Europe, Asia and the Middle-East in power plants, nuclear plants, on/off-shore platforms, refineries, manufacturing plants, utility companies plus many more. Our strategic partners are multinational conglomerates and integrators in manufacturing, automation and other parallel industries.

  • WiCyS Michigan Affiliate
    Booth: TBD
Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Glen Sorensen, Instructor
    vCISO & Managing Director, Cyber Risk Opportunities LLC

    Glen Sorensen is a Virtual Chief Information Security Officer (vCISO) with Cyber Risk Opportunities. He has worn numerous hats in his career, in areas such as security engineering and architecture, security operations, GRC, and leadership. He has held a variety of roles as an analyst, engineer, consultant, auditor, regulator, and information security officer for a financial institution.

    Glen approaches problems with practical solutions that bring good business value and has worked across many sectors, including financial services, healthcare, manufacturing, and others. He has served as a consulting expert in a large legal case involving healthcare and cyber attack detection technology. He has been in IT and security for 15+ years, longer if you count years of misspent youth bending technology and countless hours of roleplaying games. He is a sucker for a good tabletop exercise and serves as an Incident Master for HackBack Gaming, the fun kind of TTX.

  • speaker photo
    Steven Aiello, Instructor
    CISO, AHEAD

    Steven Aiello holds a BA in Technology Management and a Master's of Science with a concentration in Information Assurance. Currently, he is the Security & Compliance Practice Director and vCISO with AHEAD, a consulting firm based in Chicago. Steven works closely with clients working across storage, virtualization, and security silos.

  • speaker photo
    Bob Bacigal, Moderator
    AVP, Information Security Services, Amerisure Insurance

    Bob Bacigal is the Assistant Vice President of Information Security at Amerisure Insurance. He has over 30 years of experience in information security management, risk management, incident response, disaster recovery, and business continuity planning. Prior to joining Amerisure, he held security management positions with Great Lakes BanCorp, the Federal Reserve Bank of Chicago, and Delphi Corporation. Bob is an active member of the InfoSec community and has served as President and Chairman of the InfraGard Michigan Members Alliance (IMMA) and is currently serving on its Board of Directors. He is an active member of the State of Michigan CSO Kitchen Cabinet, Detroit CISO Executive Council Governing Body, and the SecureWorld Detroit Advisory Council. Bacigal earned his bachelor’s degree in Criminology form Eastern Michigan University and is both a Certified Information Systems Security Professional (CISSP) and a Certified Information Security Manager (CISM).

  • speaker photo
    Lisa Plaggemier
    Executive Director, National Cybersecurity Alliance

    Lisa Plaggemier is Executive Director at the National Cybersecurity Alliance. She is a recognized thought leader in security awareness and education with a track record of engaging and empowering people to protect themselves, their families, and their organizations. Lisa is a University of Michigan graduate (Go Blue!) and while she wasn’t born in Austin, Texas, she got there as fast as she could.

  • speaker photo
    Ahmeed Ahmeed
    Cyber & Information Security Director, Inteva Products
  • speaker photo
    Paul Rapier
    Vice President of Information Technology, Detroit Pistons
  • speaker photo
    Mo Wehbi
    VP, Information Security & PMO, Penske Automotive Group

    As the Director of Information Security & Project Management Office within the IT department at Penske Automotive Group, Mo oversees the implementation and governance of cybersecurity and IT service management best practices across the organization. He has over 18 years of experience in leading and managing complex IT projects, portfolios, and programs, as well as ensuring compliance, data security, and risk management for multiple business units and stakeholders.

    He is also an active board member and speaker at various professional associations and forums, such as ISACA, Cloud Security Alliance, and Cybersecurity Collaboration Forum, where he shares his insights and expertise on emerging trends and challenges in the cybersecurity and IT services. His specialties include Risk Management, Information Security Management, Compliance, Data Security, Project Management, Portfolio Management, Program Management, Mergers, Acquisitions and Divestitures, Organization Management, Change Management, and IT Management.

  • speaker photo
    Matthew Warner
    CTO & Co-Founder, Blumira

    Matthew Warner is the Chief Technology Officer and co-founder of Blumira, bringing nearly two decades of cybersecurity experience to the company. Prior to founding Blumira, Matthew served as Director of Security Services at NetWorks Group, an MSSP focused on compliance and ethical hacking.

    Seeing a gap in the market, Matthew developed a threat detection and response platform designed specifically for SMBs that was easy to use and cost-effective. The success of this technology led him to found Blumira and focus on scaling the platform.

    Passionate about cybersecurity education, Matthew frequently shares practical advice to help resource-constrained SMBs improve their security through webinars, articles, podcasts and more. His genuine desire to help SMBs, often the most vulnerable to cyberattacks, strengthen their security posture shines through.

    Matthew’s leadership and innovative problem-solving were recognized in 2022 when he received the CTO of the Year award from the Globee Cybersecurity Global Excellence Awards. He was specifically honored for his notable research uncovering additional Log4j vulnerabilities and contributions to Blumira’s 2022 State of Threat Detection and Response Report.

  • speaker photo
    Reanna Schultz
    Team Leader of Information Security, Garmin

    Reanna Schultz is from Kansas City, MO, and attended the University of Central Missouri (UCM). She graduated in 2018 with her Bachelor of Science in Cybersecurity: Secure Software Development and in 2020 for Master of Science in Cybersecurity: Information Assurance. While being in the industry, Reanna has been exposed to numerous SANS hosted classes. Reanna volunteers as a National Cyber League coach and provides her industry expertise by doing guest speaker talks for numerous colleges and high schools across the Midwest to STEM students. Reanna currently works as a Team Lead at Garmin and directly reports out of their SOC.

  • speaker photo
    Shane Harsch
    Principal Solution Engineer, SentinelOne

    Shane Harsch is a Principal Solution Engineer at SentinelOne, a SANS Instructor, and an Adjunct Instructor at the University of Michigan with more than 25 years of experience in military, manufacturing, consulting, and professional services. He is a commissioned officer in the U.S. Army (MI), holds degrees in business (MBA) and computational linguistics (BA), and maintains the following certifications: GCIA, GCIH, GCED, CISSP, CTIA.

  • speaker photo
    Panel Discussion
  • speaker photo
    Steven Aiello, Moderator
    vCISO, AHEAD

    Mr. Aiello holds a BA in Technology Management and a Master's of Science with a concentration in Information Assurance. Currently, he is a Security & Compliance Practice Director with AHEAD, a consulting firm based in Chicago. Steven works closely with clients working across storage, virtualization and security silos.

  • speaker photo
    Laura Clark
    CIO, State of Michigan

    Laura Clark serves as the chief information officer (CIO) for the State of Michigan, directing the state’s technology and security efforts. As deputy director for the Michigan Department of Technology, Management & Budget (DTMB), she also oversees operations for the department, which provides information technology, business, and administrative services to state employees and stakeholders, as well as Michigan residents, visitors, and businesses.

    During her 20-year career in public service, Clark has embraced a hands-on, adaptable approach to leadership. Since being appointed as CIO by Gov. Gretchen Whitmer, she has helped the State of Michigan achieve success through many initiatives, such as the launch of the award-winning Michigan Secure mobile app and successfully securing $20 million in critical cybersecurity funding from the Michigan Legislature for statewide security enhancements.

    In her day-to-day work, Clark values the contributions of every person on DTMB’s 5,000 member team and has the unique ability to connect her sense of purpose and service with the overall work and mission of directing the State of Michigan’s technology and security efforts. She leads by example, seeking out opportunities that will allow those around her to succeed. Throughout these efforts, Clark’s compassion, patience, experience, and skills as are helping DTMB and the entire state forge a successful path into the digital future.

  • speaker photo
    Ryan Mostiller, Moderator
    Sr. Manager, IT Security, BorgWarner

    Ryan has nearly 10 years of experience in defending large enterprise environments, specializing in Windows and Active Directory environments. Ryan has responsibility for Incident Response, Vulnerability Management, and the Management of all Security Tools and Controls. Ryan is a proud double alumnus from Oakland University as well as husband and father.

  • speaker photo
    Hemanth Tadepalli
    Cybersecurity and Compliance Engineer, May Mobility

    Hemanth Tadepalli is a Cybersecurity Compliance Engineer at May Mobility, excelling in the realm of autonomous transportation services. With a rich professional background spanning roles at AlixPartners, Mandiant, Google, and SensCy, he specializes in ensuring compliance with stringent standards like ISO 27001, SOC 2, ISO/SAE 21434, and others. Hemanth co-founded MYCAP (Michigan Young Cybersecurity Analysts and Professionals), fostering budding talents in the cybersecurity domain. Appointed by the Michigan Department of State in 2022, he served on the Collegiate Advisory Task Force, determined and implemented recommendations to improve voter education and engagement among universities across the state of Michigan. The task force played an important role in election security, integrity, and combatting the result of misinformation being spread.

    Hemanth has presented at the Detroit Automotive Cybersecurity Conference and various other prominent industry events, showcasing his expertise and thought leadership. He holds a Computer Science degree with a cybersecurity concentration and minors in Pre-Law, Innovation, and Entrepreneurship from Kettering University. Currently pursuing a Master's in Cybersecurity at the University of California, Berkeley, he continues to drive innovation and excellence in the cybersecurity landscape.

  • speaker photo
    Panel Discussion
  • speaker photo
    Mary Rowley, Moderator
    Sr. Manager, Third-Party Risk, Raytheon Technologies

    Mary’s several years of leadership experience encompasses many areas of cybersecurity with a focus on IT risk management, IT audit, security awareness training, vulnerability management and incident response. Her extensive information security background includes working at Henry Ford Health System, Comerica Bank, WorkForce Software, Learning Care Group and most recently, Raytheon Technologies, where she continues to build and mature the company’s Cyber 3rd party risk program. Mary is a graduate from Walsh College with a Master’s degree in Business Information Technology, Information Assurance and holds several certifications including CISSP, CISA and CRISC.

  • speaker photo
    Happy Hour
  • speaker photo
    Krista Arndt
    Associate CISO, St. Luke's University Health Network

    Krista Arndt is the Associate CISO at SLUHN. As the Associate CISO, Krista is responsible for managing the security program's day to day operational effectiveness. Krista has been working in information security in various capacities for more than 15 years. In her previous roles, Krista assisted with developing and leading security programs in national healthcare, crypto, finance, and the Department of Defense. She currently holds her CISM and CRISC certifications and NHRA competition driver's license.

    Krista is an active member of ISACA, serves as InfraGard Philadelphia Chapter’s Healthcare Sector Chief, serves on Neumann University's Business Advisory Council, and is Marketing Committee Chair for Women in CyberSecurity (WiCyS) Delaware Valley Affiliate. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

    When off the clock, Krista takes her affinity for overcoming challenges to the garage and the race track, where she enjoys building and improving her own race car, competing as a driver in national drag racing events with her family, and using her racing as a forum to advocate for neurodiversity awareness and inclusion.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Best practices & solutions, straight from the source

Join your local cybersecurity community for learning and professional growth!